This is a good change. Now I can use tt-rss itself to monitor the Git repo and pull new versions whenever an interesting change has been committed.

Transition was smooth:

Backed everything up.

Cloned git repo into a new directory on my web server.

Copied over config.php and feed icons.

Diff'd new config.php-dist against old config.php-dist and noted the changes.

Ported changes to config.php.

Turned off daemon watchdog cron job.

Killed daemon.

Moved old tt-rss install out.

Moved new tt-rss install in.

Turned watchdog cron job back on, which started the daemon back up.

Logged in via web browser and update database schema.

This is pretty much the process I went through with the auto updater anyway. It's never a good idea to do a fully-automated upgrade because of config file changes (otherwise it would be tempting to have a git pull cron job).

nwsc wrote:I noticed the updater stuff had been taken from the config.php-dist (duh!), so removed that by hand from my config.php. (will I always have to do this?)

My question follows up with this statement. After converting to using git, when doing a git pull, what will happen to the config.php file? Will it be overwritten, and need to be edited again, or will git prompt you for conflict resolution?

What I found was that every once in awhile a change would occur to the config file, and unless you were paying attentionand manually checking it every time you did an update, you'd miss the changes. Depending on what it was, it could cause an issue.

If you are using the git_ttrss utility you don't have to worry about it. It automatically checks for any config file changes, among other things, each time it runs.

Liked your script a lot cktt, added a bit onto it, including stopping and starting the update daemon and backing up the installation before updating. I run this nightly through cron. I run this on Ubuntu, so folk might need to tweak it for other distros.

Hi, I have been using tt-rss for quite some time now. I am self-hosting a lot of software and try to keep my server updated to avoid security issues.I don't mind using git, I use it on my own projects a lot. However I currently don't see a way to keep my server updated in a secure way using only git.I don't want to automatically update via git because that gives me no way to review code changes. This option essentially gives anyone with commit permissions full control over my server. I also don't have enough time to watch github commits to see if there is some security fix burried in the commit logs.If you want to abandon tarball releases and move to git fine, but please establish a way to inform users of security problems. I recommend using an rss feed for that.

hello, dswd. welcome to our forums. this may come as a surprise but you are really fucking dumb. sorry.

let's go through your dumb post:

1. an SCM where you can see per-changeset diffs somehow gives you no way to "review code changes" but downloading a huge-ass tarball once a few months with god knows how many changes instead does. this is profoundly retarded thing to say in itself, i mean it's just so fucking dumb it makes my head hurt.

i'm sure before updating the tarball-updater way you made a unified diff of tt-rss-old and tt-rss-new and went through it by hand, you luddite. that is, while actually being capable of understanding the actual changes and their underlying reasoning. otherwise you're just shitting me with all this crap about security issues you allegedly care so much about.

1A. as a sidenote, i have significant doubts that you have the capacity of reviewing shit. lol.1B. i'm not going to get into the apparent false dichotomy of an SCM forcing you to do unattended upgrades for some reason because, well, why bother.

2. anyway, if you read the op before posting retarded shit itt, you'd know that "releases" in tt-rss sense had always been nothing more than trunk snapshots made when i sorta-kinda felt like it. i.e. the exact same fucking code committed by people with exact same commit rights (that is, me) only delivered to you at random intervals and in a highly inefficient way.

which brings us to 3:

3. so, i guess what i'm saying is, instead of trying to recommend me anything , you should stop and rethink your life of apparent ignorance and inability to reason which led you to the point whereas you made the above post in this here thread, forumposter dswd.

but wait, there's more:

4. fortunately, luckily for you, despite the absolute idiocy wrt anything related to securing your personal data, i can absolutely guarantee you that nobody in the world fucking cares about your rss feeds, so you are absolutely safe. so there's that at least. you can revel in joy being saved by your own insignificance.

i'm not sure why so many of your ~i'm gonna host my own shit for privacy and owning big corporations~ types are so hilariously dumb but lol if you think you're the first one and sadly i know you're not the last one.